[43770] in North American Network Operators' Group
Re: FWD: RE: FW: Getting hacked by Digital Isle?
daemon@ATHENA.MIT.EDU (Jared Mauch)
Fri Oct 26 00:42:33 2001
Date: Fri, 26 Oct 2001 00:37:26 -0400
From: Jared Mauch <jared@puck.Nether.net>
To: Todd Suiter <todd@s4r.com>
Cc: Christopher Wolff <chris@bblabs.com>, nanog@merit.edu
Message-ID: <20011026003726.A3176@puck.nether.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.GSO.4.33.0110252101050.5432-100000@sashimi.space4rent.com>; from todd@s4r.com on Thu, Oct 25, 2001 at 09:07:32PM -0700
Errors-To: owner-nanog-outgoing@merit.edu
They should just implement it via a cgi on their webpage
where you can disable by your IP or some netblocks.
The other thing to do is to just rate-limit icmp and know
that their stats will be off/incorrect.
btw, 3 days does give them sufficent time to respond assuming you
were to send them something after COB on friday to respond by
monday. The encoding of the abuse info is better than those old +++ATH
packets.
- Jared
On Thu, Oct 25, 2001 at 09:07:32PM -0700, Todd Suiter wrote:
>
>
>
> On Thu, 25 Oct 2001, Christopher Wolff wrote:
>
> > ---------- Original Message ----------------------------------
> > From: Sean Gleason <sgleason@digisle.net>
> > Date: Fri, 26 Oct 2001 01:02:21 +0000 (GMT)
> >
> > At this point you can:
> >
> > 1) Do nothing. Please accept our apologies and be assured that your
> > machines are not being pinged by a hostile party.
>
>
> Hostile is a matter of definition. For some of us, these would be another
> in the category of 'false positive' events that LOTs of us look at by
> hand. I may be nitpicking here, but every security/network person who
> takes time out of their schedule to analyze and dig into this 'test', is
> having their time wasted. And the several days time frame is just poor judgement.
>
> t
>
> >
--
Jared Mauch | pgp key available via finger from jared@puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
